Update: New Ransomware Petya, What you need to know!

16th November 2017

Following the Wannacry attack in May, and all the news around data breaches, you may have heard the term “ransomware” mentioned. In short, ransomware is harmful software (malware) that allows criminals to use extortion and hold your computer and the files on it for a big ransom fee.

Last week a second wave of ransomware hit by the name of Petya or NotPetya because this malware was first seen in 2016. However, it has now been re-released with better encryption and – according to reports – no similar flaws to WannaCry which allows it to be halted in its tracks.

Following the Wannacry attack in May, and all the news around data breaches, you may have heard the term “ransomware” mentioned. In short, ransomware is harmful software (malware) that allows criminals to use extortion and hold your computer and the files on it for a big ransom fee.

Last week a second wave of ransomware hit by the name of Petya or NotPetya because this malware was first seen in 2016. However, it has now been re-released with better encryption and – according to reports – no similar flaws to WannaCry which allows it to be halted in its tracks.

Recognising ransomware

Here’s how many ransomware schemes work: Malware secretly installs itself on a computer that lacks sufficient protection to block it. This could happen through a Web page, email attachment, or a link on social media sites. Once installed, the ransomware could lock certain files, or even the entire computer, so the user can’t access it.

Where Petya slightly differs is that it only locks the first 1MB of data in each file. This could allow most data to be recovered if they’re large files, but is still dangerous.

Next comes the extortion. Victims may see a visual notice, or hear an audio file, claiming the computer has been locked by law enforcement or some large corporation with the intent to scare people into action. The computer is then locked, or the files are encrypted until the ransom is paid. An alternate version of ransomware is ‘scareware,’ which claims that the victim’s computer has a virus. In either case, if this happens to you, the crooks behind it all will attempt to strong arm you into paying money before you can access your computer or files again normally.

At this point, your PC is being held for ransom—hence the name. So how can you help prevent this from happening?

Helping prevent ransomware

Don’t interact with spam email. By clicking links or opening suspicious attachments, you could be inviting ransomware, or other malware, onto your computer. Just delete spam immediately without opening it.

Avoid suspicious sites and downloads. Web sites that illegally promise free software, music, and movies are often bait to lure in unsuspecting victims. This plays into the theme of the ransomware pretending to originate from law enforcement. If you have teens in your home, who often like to visit such dubious sites, make them aware of this malware danger.

Arm your PC with strong, up-to-date security software. The right protection will recognize dangerous sites, downloads, and spam. Thus, stopping the ransomware dead in its digital tracks before it can install itself. Make sure your protection stays current though, or it won’t be able to recognize new threats.

Back-up your files often. As in most cases when ransomware hits, it is difficult to remove. Even if you do successfully remove the malware, your files may still remain inaccessible.

Keep your OS updated. Malware like this finds ‘vulnerabilities’ or weak spots in your system if it hasn’t been updated in a while

Am I save if I’m on a Windows 10 server?

If you’re on a Windows 10 server your system should be automatically updating.

Only Windows which are no longer supported are vulnerable, including Windows XP and Windows 8.

You can check if your Windows system is updating by open the Control Panel, in your Start Menu, and searching for Windows Update. There you can enable it. You can also check for updates here, to make sure everything is up to date.

Fill out our form below or call 01 500 9001 if you’d like more information about malware or how we can protect you.